Sharing more Details, not more Data: Our new Privacy Policy and Data Protection Plans

After an exhilarating first month as Cloudflare’s first Data Protection Officer (DPO), I’m excited to announce that today we are launching a new Privacy Policy. Our new policy explains the kind of information we collect, from whom we collect it, and how we use it in a more transparent way. We also provide clearer instructions for how you, our users, can exercise your data subject rights. Importantly, nothing in our privacy policy changes the level of privacy protection for your information.

Our new policy is a key milestone in our GDPR readiness journey, and it goes into effect on May 25 — the same day as the GDPR. (You can learn more about the European Union’s General Data Protection Regulation here.) But our GDPR journey doesn’t end on May 25.

Over the coming months, we’ll be following GDPR-related developments, providing you periodic updates about what we learn, and adapting our approach as needed. And I’ll continue to focus on GDPR compliance efforts, including coordinating our responses to data subject requests for information about how their data is being handled, evaluating the privacy impact of new products and services on our users’ personal data, and working with customers who want to sign a data protection addendum with us to help with their own GDPR compliance efforts.

We also know there’s a bigger world out there than just the EU. So not only are we implementing GDPR-required measures to our global network to provide a level playing field for all, we are also evaluating and incorporating other jurisdictions’ data protection requirements as needed. This commitment to privacy is core to our mission to help build a better Internet.

Being a DPO isn’t just about the GDPR

As DPO, I’ll be working with Cloudflare’s leadership to fulfill our commitment to privacy by continuing to invest in privacy protections and solutions for our users. This will include working with the business teams to evaluate the privacy impact of new products and services on our users’ personal information, develop tools to help our customers protect the privacy of their website traffic, and innovate solutions — like the DNS resolver 1.1.1.1. — that make the Internet faster and more private for anyone.

I’ll also be advising our business, engineering, marketing, sales, support, operations, and other teams on global privacy law requirements and working with our Public Policy team to understand the impact legislative or regulatory proposals may have on the privacy and security of our users’ data.

I am thrilled to be part of the talented and dedicated Cloudflare team, and I look forward to working with this ever-expanding Cloudflare community. Have a privacy question or concern? You can reach me at privacyquestions@cloudflare.com.

P.S. We are committed to communicating transparently on our data protection journey, so we are posting our Privacy Policy on Github. In the event we need to update our Privacy Policy again, you’ll be able to track our changes.